Electronic health record (EHR) systems are systems utilized by healthcare organization to generate and maintain health records for patients. As a patient visits different healthcare organizations using different EHR systems, his or her medical records become scattered across various EHR systems. This leads to “silos” of health data for the patient that can be difficult to access. For instance, a patient may make an emergency room visit, and a hospital system that operates the emergency room may use a first EHR system to generate and maintain patient records. Sometime thereafter, the patient may visit an orthopedic surgery center, where the center utilizes a second EHR system to generate and maintain patient records. Conventionally, a healthcare worker at the orthopedic surgery center is unable to access the records about the patient generated and stored by the first EHR system. Instead, the healthcare worker must contact the hospital that operates the emergency room, whereupon the hospital will provide a summary of a patient record of interest to the healthcare worker at the orthopedic surgery center (presuming that the patient consented to the sharing of the patient record).
Conventional EHR systems are not well suited for granular digital rights management (DRM). More specifically, conventional EHRs store data in conformance with data structures designed decades ago when digital rights management was not a priority to designers of electronic health records. Moreover, any DRM restrictions assigned to a conventional electronic health record tend not to follow the electronic health record as it is transferred across EHRs. In an example, the patient may wish that a first healthcare worker (e.g., a clinician) be provided with access to a first portion of his or her health record, but not a second portion. Likewise, the patient may wish that a second healthcare worker be provided with access to the second portion of his or her health record, but not the first portion. Even if the EHR were to support these DRM restrictions, if the patient were to change healthcare providers (or if the healthcare enterprise were to change its EHR), the DRM restrictions would not follow the health records of the patient.